Hosts Vulnerability Scanner
Host-level security assessments, including network shares and credential scanning
Our solution provides comprehensive and accurate vulnerability assessments, from pinpointing critical host vulnerabilities to evaluating weaknesses. Achieve unified visibility into IT and host vulnerabilities, boosting operational efficiency.
Us offers services to scan all devices on your server and obtain network shares. This process allows you to easily identify all devices on your network, manage network shares, and quickly identify any security vulnerabilities.
We use advanced scanning tools to detect all devices on your network and create an inventory. This helps you understand which devices are present on your network and their statuses.
We quickly identify shared folders and files on your network, helping you ensure these shares are correctly configured. This is crucial for data security and access control.
We also offer services to scan your specified private and public IPs. Our tools identify potential vulnerabilities in these IPs, helping you address security issues before they become critical.
Basic Reporting
Converts automatic scan results into readable, configurable reports. Each report includes severity, CVE references, verification status, and remediation recommendations. Reports can be downloaded as PDF/HTML/XLS and accessed via the API.
Notification
Sends real-time alerts via email and webhooks for scan results, critical findings, or scan errors. You can customize notification thresholds (e.g., critical/medium/low) and recipients per project or host.
Scheduling Scanning
Scheduled scans can run hourly, daily, weekly, or as custom scheduled jobs. A history of scans and scheduled tasks is maintained.
Report Compare
Compares different scan results and highlights new, fixed, and regression findings. You can filter changes by CVE, severity levels, and affected assets. Comparison outputs can be used for SLA tracking and trend reporting.
External Vulnerability Scanning
Performs external scans for internet-exposed assets and includes port/service discovery and banner fingerprinting modules. Provides safe, scalable, agentless scanning for IP blocks and cloud IP ranges. Includes WAF/IPS detection and false-positive reduction mechanisms.
Internal Vulnerability Scanning
Assesses the internal attack surface with internal network scans; supports segment-based targeting, VLAN-aware scanning, and low-noise profiles. Scan traffic throttling can be applied. Internal discovery results are automatically correlated with network topology.
Deep Scan
Performs in-depth analysis of services (e.g., application logic tests, exhaustive SSL/TLS certificate analysis, detailed configuration checks). With an extensive module set, it performs deeper verification and exploit proof-of-concept (PoC) attempts at the application, service, and OS levels.
Host Credential Scan
Performs authenticated scans using supplied credentials (SSH, WinRM, SMB, domain user); credentialed scans detect configuration issues, local exploit vectors, and privilege escalation surfaces. Credentials are stored in a secure vault, with access controls and audit logs for each scan. Credentialed results reduce false positives and produce more accurate patching recommendations.
Network Share Scan
Scans SMB/NFS shares to identify exposed files, incorrect permissions, misconfigured shares, and sensitive data leakage. Risks such as world-writable shares, admin-share access, and legacy backups/documents are automatically reported.
Network Topology Mapping
Automatically derives and visualizes network topology using active discovery, ARP/ICMP/LLDP, and passive traffic analysis. Host-switch-segment relationships, port density, and critical access paths are mapped; this information informs scanning policies and risk prioritization. Topology changes are stored as a time series.
Weak Credential / Weak Password
Detects weak/default/reused passwords against corporate password policies; reports weak credentials using dictionary checks, brute-force, and credential-stuffing attempts. Provides recommendations and enforces suggested password changes for discovered weak accounts.